openpam_get_feature.c revision 255364
1/*- 2 * Copyright (c) 2012 Dag-Erling Sm��rgrav 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer 10 * in this position and unchanged. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. The name of the author may not be used to endorse or promote 15 * products derived from this software without specific prior written 16 * permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * $Id: openpam_get_feature.c 608 2012-05-17 16:00:13Z des $ 31 */ 32 33#ifdef HAVE_CONFIG_H 34# include "config.h" 35#endif 36 37#include <security/pam_appl.h> 38#include <security/openpam.h> 39 40#include "openpam_impl.h" 41 42/* 43 * OpenPAM extension 44 * 45 * Query the state of an optional feature. 46 */ 47 48int 49openpam_get_feature(int feature, int *onoff) 50{ 51 52 ENTERF(feature); 53 if (feature < 0 || feature >= OPENPAM_NUM_FEATURES) 54 RETURNC(PAM_SYMBOL_ERR); 55 *onoff = openpam_features[feature].onoff; 56 RETURNC(PAM_SUCCESS); 57} 58 59/* 60 * Error codes: 61 * 62 * PAM_SYMBOL_ERR 63 */ 64 65/** 66 * EXPERIMENTAL 67 * 68 * The =openpam_get_feature function stores the current state of the 69 * specified feature in the variable pointed to by its =onoff argument. 70 * 71 * The following features are recognized: 72 * 73 * =OPENPAM_RESTRICT_SERVICE_NAME: 74 * Disallow path separators in service names. 75 * This feature is enabled by default. 76 * Disabling it allows the application to specify the path to 77 * the desired policy file directly. 78 * 79 * =OPENPAM_VERIFY_POLICY_FILE: 80 * Verify the ownership and permissions of the policy file 81 * and the path leading up to it. 82 * This feature is enabled by default. 83 * 84 * =OPENPAM_RESTRICT_MODULE_NAME: 85 * Disallow path separators in module names. 86 * This feature is disabled by default. 87 * Enabling it prevents the use of modules in non-standard 88 * locations. 89 * 90 * =OPENPAM_VERIFY_MODULE_FILE: 91 * Verify the ownership and permissions of each loadable 92 * module and the path leading up to it. 93 * This feature is enabled by default. 94 * 95 * 96 * >openpam_set_feature 97 * 98 * AUTHOR DES 99 */ 100